package com.hzw.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            //实现表单提交
            http.formLogin()
                    //当发现/login时认为是登录，必须和表单提交地址一样，去执行UserDetailServiceImpl
                    .loginProcessingUrl("/login")
                    //自定义登录页面
                    .loginPage("/login.html")
                    //登录成功跳转页码，post请求
                    .successForwardUrl("/toMain")
                    //失败跳转界面
                    .failureForwardUrl("/toError");


            //授权认证
            http.authorizeRequests()
                    //放行error.html,不需要认证
                    .antMatchers("/error.html").permitAll()
                    //放行login.html,不需要认证
                    .antMatchers("/login.html").permitAll()
                    //所有请求都必须被认证，必须登录之后才能被访问
                    .anyRequest().authenticated();

            //关闭防火墙
            http.csrf().disable();
        }

    @Bean
    public PasswordEncoder getPassword(){
        return new BCryptPasswordEncoder();
    }




}
